Earlier today a Twitter conversation amongst some SharePoint people including my good buddies Todd Klindt and Rick Taylor took place on the subject of the infamous “loopback fix”. I promised to do a follow up post here to clear up some misconceptions about this subject with respect to SharePoint.
What is the issue? Windows Server 2003 SP1 introduced a loopback security check. This feature is obviously also present in Windows Server 2008. The feature prevents access to a web application using a fully qualified domain name (FQDN) if an attempt to access it takes place from a machine that hosts that application. The end result is a 401.1 Access Denied from the web server and a logon failure in the event log.
Yer quite welcome. That article was a total lifesaver to me. One thing I don't fully understand tho if I followed it correclty is that this is pretty much 100% guaranteed to be needed if it's a single-server installation. But later one when I rebuilt my farm and split out to SQL + Web Front End, I found that I still needed to do it! Right now we are still in dev\test environments, but I'm close to bringing my first production farm online.